Administration Adware Spyware Apache Bluetooth DOS Commands Edge General Internet Connection Internet Explorer Media Center Media Player Mozilla Firefox MS Access Performance PHP Programming Security Silverlight Tips Tools Tutorials Windows 10 Windows 7 Windows 8 Windows Phone Windows Server 2008 Windows Server 2012 Windows Server 2016 Windows Vista Windows XP

"lsass.exe" Process on Windows 8

Q

What is the "lsass.exe" process on Windows 8? Is the "lsass.exe" process a virus? Can I terminate the "lsass.exe" process?

✍: FYIcenter.com

A

"lsass.exe - Local Security Authority Process" process is service hosting process on Windows 8 to host multiple security related services.

On the Processes tab of "Task Manager", "lsass.exe" process may be listed as: 

Image Name  PID  User Name   Memory   Description

lsass.exe   600  SYSTEM      3,368 K  Local Security Authority Process

Additional information about "lsass.exe" process: 

Command line:
   \Windows\System32\lsass.exe

Started by: wininit.exe

Files used:
   C:\ProgramData\Microsoft\MSOIdentityCRL\Tracing\MSOIDSSP.txt
   C:\Users\fyicenter\AppData\Local\Microsoft\Credentials
   C:\Users\fyicenter\AppData\Roaming\Microsoft\Credentials
   C:\Users\fyicenter\AppData\Roaming\Microsoft\SystemCertificates\My
   C:\Windows\System32
   C:\Windows\debug\PASSWD.LOG
   C:\Windows\debug\netlogon.log

Registry keys:

HKCU\Software\Microsoft\SystemCertificates\...
HKCU\Software\Policies\Microsoft\SystemCertificates
HKLM\SAM\SAM
HKLM\SECURITY
HKLM\SOFTWARE\Microsoft\Cryptography\...
HKLM\SOFTWARE\Microsoft\EnterpriseCertificates\...
HKLM\SOFTWARE\Microsoft\IdentityCRL\Trace
HKLM\SOFTWARE\Microsoft\IdentityStore\Cache
HKLM\SOFTWARE\Microsoft\IdentityStore\Providers
HKLM\SOFTWARE\Microsoft\MSOIdentityCRL\Trace
HKLM\SOFTWARE\Microsoft\SystemCertificates\...
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\Audit
HKLM\SOFTWARE\Policies\Microsoft\Cryptography\...
HKLM\SOFTWARE\Policies\Microsoft\Netlogon
HKLM\SOFTWARE\Policies\Microsoft\SystemCertificates
HKLM\SYSTEM\ControlSet001\Control\Lsa
HKLM\SYSTEM\ControlSet001\Control\Nls\Sorting\Versions
HKLM\SYSTEM\ControlSet001\Control\SecurityProviders\...
HKLM\SYSTEM\ControlSet001\Control\Session Manager
HKLM\SYSTEM\ControlSet001\services\Netlogon\Parameters
HKLM\SYSTEM\ControlSet001\services\WinSock2\Parameters\NameSpace_Catalog5
HKLM\SYSTEM\ControlSet001\services\WinSock2\Parameters\Protocol_Catalog9
HKLM\SYSTEM\ControlSet001\services\crypt32
HKU\.DEFAULT\Control Panel\International

"lsass.exe" process is not a virus. You should not terminate "lsass.exe" process.

 

"taskhost.exe" Process on Windows 8

"services.exe" Process on Windows 8

System Processes on Windows 8

⇑⇑ Windows 8 Processes Tutorials

2016-12-30, 823👍, 0💬

Administration Adware Spyware Apache Bluetooth DOS Commands Edge General Internet Connection Internet Explorer Media Center Media Player Mozilla Firefox MS Access Performance PHP Programming Security Silverlight Tips Tools Tutorials Windows 10 Windows 7 Windows 8 Windows Phone Windows Server 2008 Windows Server 2012 Windows Server 2016 Windows Vista Windows XP